In association with heise online

15 January 2007, 13:48

Michael Thumann

Breaking into a VPN

Sloppy configurations make for unsecured VPNs

The IP extension IPSec is generally considered the most secure VPN technology. But it also has its weak points that special tools can find and exploit. Prudent administrators therefore test their own network – before the hackers do.

Virtual Private Networks (VPNs) can save a lot of money by using the Internet to transport data instead of expensive dedicated lines, and modern encryption and authentication methods can ensure the confidentiality of data sent across such public networks. Currently, the most important protocol for the implementation of VPNs is IPSec, which is unfortunately also the most complex. IPSec can not only be used to link complete enterprise networks to the Internet, but also to connect mobile users to their company's email and database server.

At the same time, this complexity can itself become a security risk. You need expertise and experience to configure IPSec-based VPNs correctly -- two requirements that an astonishing number of administrators do not sufficiently meet. In combination with lazy use of default settings in many devices and programs, underskilled administrators create preventable weak points that leave open dangerous points of entry for hackers.

Last stop: security

VPN encryption is almost impossible to crack itself, so the best place to try to get into a VPN are the two end points. On the one hand, we have VPN gateways, a company's central dial-in point; on the other, the VPN client of mobile users, such as notebooks.

The most common target of hackers is generally notebooks, starting from theft to entry via security holes in the operating system or applications running on it. Wireless networks in hotels and airports offer hackers promising opportunities because in such places it is very probable that they will find someone setting up a VPN tunnel to their company to exchange data.

While most vendors of VPN solutions offer special client software with an integrated firewall to prevent access to the computer, not all of them actually install and enable the software. Once VPN access has been set up, hackers are able to move around within the enterprise network via the hacked device and get access to confidential information -- if they haven't already found it on the local hard drive.

But the company's gateway may also offer hackers a few entry points. And unlike mobile devices, it is of necessity constantly reachable via the Internet, making it directly exposed to attacks.

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit